We’re all on a journey into brand new territory, where advanced new technologies like AI are being used to provide us with brand new services.  These services require data.  

Progress will require us to look wholistically at the opportunities before us and assess them against the potential risks.  It will be a balance.  I suggest the way forward is to always consider what concerned privacy and security protectors are pointing to, and to push past whatever sensational headlines, fearmongering, or misinformation there may be, and carefully examine the true risks and to asses against the potential benefits –not to spread panic and false information as many are doing.  

Here is my assessment of the broader context.

1. Zoom is by many accounts the absolute leader in video and unified communications and is relied on heavily by many of the world’s largest and most security and privacy concerned companies in the world including the list below.  Keep this in mind when you think about the scrutiny that goes on by these large institutions and how you benefit from their size, needs for privacy and security, as well as their large influence and resources to protect themselves, their data, and their customers.
   • 86% of the Fortune100
   • 8 out of 10 of the largest U.S. banks
   • More than 50% of the world’s banks
   • 9 of the top 10 hospitals ranked by US News
   • Many of the world’s largest governments including the US and Canada
     
     

2. Zoom has A LOT of advanced features that many of the other vendors in their industry don’t have. These features are designed to make your meetings more productive and effective, and create happier employees and customers. Some of these advanced features are things like:
   • Transcriptions
   • Translations
   • AI based services like:
     • Automated Meeting Summaries
     • Conversation analysis allowing you to coach your staff and improve customer experience
     • Content generation (i.e. automated chat or email composition)
       
       
3. Perfecting these advanced features for your use requires lots of data –your data, and depersonalized aggregated data (Zoom’s data.  Metadata about your data).  These are two very different things and shouldn’t be conflated as many who should know better are doing.
   • You can’t have great AI tools without data.  The more high quality data the AI gets trained on the better the AI can provide you with value.
   • You can’t receive good output from a system or AI without providing good input (i.e. your data). 
     • For instance, you can’t have automatic meeting summaries to save each of your 200 sales reps 20 minutes of CRM entry per call,  if you don’t give the system access to the calls so it can summarize them for you.
       
       

4. The question in my mind therefore is not if a provider will use my data to provide me with service, but rather how well they will secure my data and if they share it with others.  This is where you can look to the vendor’s track record of maintaining trust in this area and their transparency about how they will use and protect your data (i.e. the Terms of Use and Privacy Policy).

• • In Zoom’s case they maintain that they do not share your data with 3rd parties except for specific cases as outlined in sections we’ll get to below.
  • Again, they maintain they will not use your data for training their AI models without your consent.

What if we don’t need any “advanced features”?

Now before we get to scrutinizing the privacy policy changes, let me say this:

1. If you don’t want to use these advanced features then don’t use them.  Administrators can turn them off and your staff won’t be able to use them –even if they could really benefit from these tools to make their lives easier, more efficient and productive to better achieve their company goals and beat the competition (who you can bet will be using every advanced feature at their disposal).
   
   

2. As such I recommend that IT, InfoSec, or Legal, should not be making this decision for the company, but raising their concerns to let the business leaders decide based on their risk versus benefit assessments and based on what they want in terms of creating the best employee and customer experiences.
   • Also, keep in mind that every SaaS provider you use (whether they provide you with any kind of advanced AI features or not), will require your data.  This goes for all of Zoom’s competitors, so make sure your company is being just as concerned and diligent about privacy and security with any alternatives they want you to consider.
     
     

3. Even if every advanced Zoom feature was enabled as a default, you can still choose to make any meeting an End to End Encrypted meeting in which case Zoom will have no ability to use any of your call content to better serve you.  
   • Nobody but the participants themselves will have access to the meeting, and these concerns about data privacy become moot.  This means no cloud recordings, no transcriptions, no translations, and certainly no advanced AI features like meeting summaries, auto generated content, or conversational analysis.  If you choose to record such a sensitive call on your own computers then it becomes your responsibility to ensure privacy and security are maintained.  Your people and systems better be up to the task, otherwise don’t allow recordings at all.